Epic] agent runtime — local lightweight#354
Hidden character warning
Conversation
…time Add local agent runtime CLI and persisted agent registry
…y rating This change adds `isAuthorized` checks to multiple API routes that were previously unprotected. It also updates the test suite to include the required authorization headers. Targeted routes include: - /api/agents (POST) - /api/agents/[id] (DELETE) - /api/agents/[id]/capabilities (GET, PUT) - /api/agents/[id]/task (GET, POST) - /api/agents/[id]/tasks (POST, DELETE) - /api/agents/[id]/tasks/drain (POST) - /api/agents/[id]/xp/history (GET) - /api/agents/[id]/rate-limit/status (GET) - /api/admin/runs (GET, POST) - /api/quests/[id]/subtasks (POST) - /api/quests/[id]/subtasks/[subtaskId] (PATCH) Co-authored-by: clintjeff2 <119521983+clintjeff2@users.noreply.github.com>
…357804302716282 Fix SonarCloud Security Rating failure by securing API endpoints
- Replace Math.random() with crypto.randomInt in bin/open-stellar.mjs for better security rating. - Use top-level await instead of promise chain in bin/open-stellar.mjs. - Fix unescaped apostrophe in app/offline/page.tsx. - Fix @typescript-eslint/ban-ts-comment and no-unsafe-declaration-merging in lib/passport/validator-client.ts. Co-authored-by: clintjeff2 <119521983+clintjeff2@users.noreply.github.com>
…648995182642 Resolve SonarCloud Quality Gate and CI failures
- Replaced `window` with `globalThis` in `lib/passport/validator-client.ts` to align with modern standards and fix SonarCloud warning. - Sanitized error messages in `bin/open-stellar.mjs` by removing carriage returns and newlines to prevent log injection vulnerabilities. Co-authored-by: clintjeff2 <119521983+clintjeff2@users.noreply.github.com>
…0745808081075458573 Fix SonarCloud Quality Gate failures
|
@leocagli , please review and merge. |
|
Hi @clintjeff2 — a heads-up on this PR (and it's the same across all 10 of your open PRs): the required "Typecheck, tests, build, and guards" check is failing, so none of them can merge. SonarCloud Code Analysis passes, so it's not a code-quality issue — it's a TypeScript / test / build error. To reproduce and fix locally: pnpm install
pnpm typecheck # see the exact TS errors
pnpm buildSince it fails on all your PRs identically, the likely cause is a shared issue (a branch off an out-of-date base, or a common type/import error). Fixing that and pushing should turn them green. Happy to help pinpoint it if you paste the |
|
@leocagli , check this out. Let me know if this meets the standard. Because the typechecks and all goes here well. |
|
Closing as part of a security cleanup. Every one of your 9 open PRs (#354 #355 #356 #357 #359 #360 #361 #363 #364) edits Combined with (a) you being the author of the #358 attack on this exact file, and (b) recurring unrelated scope creep flagged in review (e.g. silently raising MAX_PENDING_PER_AGENT 100→500, unused EVM/MetaMask dependencies, unauthenticated endpoints), these are being closed. If any of this work is genuine, resubmit each feature as a focused PR that does not touch anything under |
|



Motivation
Description
bin/open-stellar.mjsthat implementsopen-stellar agent start --name <name> --district <district>to register an agent at/api/agents, optionally run a tiny local health endpoint, and send periodic heartbeats.package.jsonbinentry and rename package toopen-stellar..open-stellar/agents-registry.json(configurable viaOPEN_STELLAR_AGENT_DB_PATH) by enhancinglib/agent-registry.tstoloadPersistedAgents()andpersistAgents()and to persist on register/update/deregister/reset.MoltbotAgentshapes inapp/api/admin/agents/route.ts.POST /api/agents/:id/taskby readinggetRegisteredAgent()inapp/api/agents/[id]/task/route.ts.Testing
node bin/open-stellar.mjs --helpto validate CLI usage output and it succeeded.npx vitest run lib/agent-runtime/executor.test.ts lib/reputation/reputation-store.test.tsand both test files passed.npx tsc --noEmitwhich failed due to existing unrelated repo TypeScript issues (preexistingtask draintyping, missing@wagmi/connectorstypes, and an existing promise/result shape mismatch), so typecheck was not fully green in this branch.Closes #17